Just installed VNC on sol 7 enviornment and receive same errors..?
1) can get CDE running fine, but only root can run, normal users not able to
run.
2) How should I have vnc setup? Sever servers to choose from. Depending on
the load, should I distribute serveral installs per unix server, or do one
installation on one machine ...?
Please help me with the following error reffering to question 1).
"rfbAuthProcessClientMessage: authentication failed from 192.168.1.65"
Your help is greatly appreciated.
Thank you,
Orlando
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Monday, May 21, 2001 2:44 PM
To: [EMAIL PROTECTED]
Subject: RE: problem in starting vncserver on sol26
Hi Ajit ,
For Solaris add -pr to your Xvnc string.
Cheers
Richard.
-----Original Message-----
From: Ajit Alok [mailto:[EMAIL PROTECTED]]
Sent: 19 May 2001 01:02
To: [EMAIL PROTECTED]
Subject: problem in starting vncserver on sol26
Hi All
Previously it was working fine. I was able to restart the server. Now I
rebooted the machine.
I am trying to start the server again . It throw error in goes in loop.
Fatal server error:
Failed to establish all listening sockets
_XSERVTransSocketCreateListener: failed to bind listener
_XSERVTransSocketUNIXCreateListener: ...SocketCreateListener() failed
_XSERVTransMakeAllCOTSServerListeners: failed to create listener for local
I am running following command to start the vnc server.
Xvnc :1 -geometry 1024x768 -depth 16 -once -query farworld -httpd
/local/vnc/classes -httpport 5801 -dontdisconnect -fp
tcp/farworld:7100 -auth /home/corp/aalok/Xauthority -rfbauth
/home/corp/aalok/.vnc/passwd
$0
Above are the two lines in script file.
Second problem is , when ever you tries to connect to vncserver from a
remote client , every times it creates a new process on server machine and
doesn't terminate it after done.
Any pointer to above problem is well appreciated.
Thanks
Ajit
vnc-list-digest wrote:
> vnc-list-digest Friday, May 18 2001 Volume 01 : Number
1136
>
> ............................
> VNC-LIST-DIGEST is a daily collection of the messages sent to the
> VNC mailing list. For more information about VNC see the home page
> http://www.uk.research.att.com/vnc .
>
> In this issue:
>
> re: nmap to port 6001 kills vnc session...
> re: nmap to port 6001 kills vnc session...
> Obtaining IP address over internet
> RE: Obtaining IP address over internet
> RE: Obtaining IP address over internet
> RE: Obtaining IP address over internet
> Argh! HowTo inetd ... script
> asciicircum sent twice
> AW: Obtaining IP address over internet
> Re: Obtaining IP address over internet
> Re: remotely installing VNC
> RE: vnc without screen update
> Re: Obtaining IP address over internet
> Re: remotely installing VNC
> VNC vs Tridia
> omnithread_rt.dll
> RE: HELP me please, vnc on windows nt but the users always close
the vnc client
> Vnc server on Unix
> Re: vnc without screen update
> Re: VNC vs Tridia
> re: nmap to port 6001 kills vnc session...
> Connecting to my (small) office network (ADSL problem?)
> Re: VNC vs Tridia
> re: nmap to port 6001 kills vnc session...
> Re: Connecting to my (small) office network (ADSL problem?)
> Re: Connecting to my (small) office network (ADSL problem?)
> Re: Connecting to my (small) office network (ADSL problem?)
> Re: nmap to port 6001 kills vnc session...
> Re: Connecting to my (small) office network (ADSL problem?)
> Re: Connecting to my (small) office network (ADSL problem?)
> Re: nmap to port 6001 kills vnc session...
> Re: Connecting to my (small) office network (ADSL problem?)
> RE: HELP me please, vnc on windows nt but the users always close
the vnc client
> Re: nmap to port 6001 kills vnc session...
> How to install VNC on remote machine
> RedHat 7.0 and VNC
> Re: Obtaining IP address over internet
> Re: How to install VNC on remote machine
> Re: Obtaining IP address over internet
> ............................
>
> ----------------------------------------------------------------------
>
> Date: Wed, 16 May 2001 23:36:49 -0700 (PDT)
> From: "Scott C. Best" <[EMAIL PROTECTED]>
> Subject: re: nmap to port 6001 kills vnc session...
>
> Mike:
> Hello! Some thoughts on what you're seeing:
>
> > If I run nmap on another machine as follows:
> >
> > nmap -p 6001 host.machine
>
> Instead of running nmap on all those ports (the
> - -p <number>, without the number, scans all the low numbered
> ports <1024, plus any that come with the nmap config files)
> have you tried just running it against the 5801/5901 ports?
> That'd be interesting to see if it crashed your Xvnc again.
>
> > This is a very serious problem because it means that a port scan will
> > kill my VNC session. This has happened to me more than once, but I
> > didn't realize it until I scanned myself. It means that anyone in the
> > world can block my use of VNC.
> >
> > If there is some way I can protect myself, please let me know.
>
> Actually, in my experience, an nmap scan like this is
> rather unlikely in the "real world". A scan like this, against
> all 1024 low numbered ports, is about as subtle as a brick, and
> stands out like a bonfire in the firewall logs. In fact, using
> nmap (or Nessus) is a good way to DoS attack a firewall, as it
> creates thousands of log entries very quickly that could fill
> the system disk on some thin-server systems.
> Which of course gets to my final point: you can protect
> yourself against port scans by putting a firewall in between your
> Internet connection and your VNC Solaris machines. Then the
> firewall would take the heat from nmap, and not your VNC servers.
>
> cheers,
> Scott
>
> ------------------------------
>
> Date: Thu, 17 May 2001 01:48:11 -0500 (CDT)
> From: Mike Miller <[EMAIL PROTECTED]>
> Subject: re: nmap to port 6001 kills vnc session...
>
> On Wed, 16 May 2001, Scott C. Best wrote:
>
> > > If I run nmap on another machine as follows:
> > >
> > > nmap -p 6001 host.machine
> >
> > Instead of running nmap on all those ports (the -p <number>,
> > without the number, scans all the low numbered ports <1024, plus any
> > that come with the nmap config files) have you tried just running it
> > against the 5801/5901 ports? That'd be interesting to see if it
> > crashed your Xvnc again.
>
> I haven't tried it, but I don't like to crash it. Maybe someone else can
> try it.
>
> > > This is a very serious problem because it means that a port scan will
> > > kill my VNC session. This has happened to me more than once, but I
> > > didn't realize it until I scanned myself. It means that anyone in the
> > > world can block my use of VNC.
> > >
> > > If there is some way I can protect myself, please let me know.
> >
> > Actually, in my experience, an nmap scan like this is rather
> > unlikely in the "real world".
>
> Like you, I'm in the "real world." It happens sometimes. If by
> 'unlikely' you mean that it doesn't happen often, I agree. If you mean
> "unlikely to happen ever," then I disagree. Lately I've been getting
> scans like this from China. As you suggested, they are not subtle. I
> monitor several machines, so almost nothing seems subtle to me. The fact
> that their activities are obvious doesn't seem to worry most of these
> attackers.
>
> Yes, I could put up a firewall.
>
> This brings me to my original question: Is port 60xx DoS attack a known
> VNC problem?
>
> (I'm not criticizing VNC.)
>
> Mike
>
> ------------------------------
>
> Date: Thu, 17 May 2001 08:44:00 +0100
> From: "Steve Godfrey" <[EMAIL PROTECTED]>
> Subject: Obtaining IP address over internet
>
> I wank to VNC to my home PC from work over the internet, My dial-up modem
> connection is occasionally dropped and the IP address will change every
time
> the PC reconnects. Any suggestion for obtaining my IP address remotely?
>
> Thanks
>
> Steve Godfrey
> WAN Team
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:01:23 -0000
> From: "Howlett, Simon (NESL-IT)" <[EMAIL PROTECTED]>
> Subject: RE: Obtaining IP address over internet
>
> Isn't that illegal ?
>
> Simon Howlett
> NT Server Team
>
> -----Original Message-----
> From: Steve Godfrey [mailto:[EMAIL PROTECTED]]
> Sent: 17 May 2001 07:44
> To: [EMAIL PROTECTED]
> Subject: Obtaining IP address over internet
>
> I wank to VNC to my home PC from work over the internet, My dial-up modem
> connection is occasionally dropped and the IP address will change every
time
> the PC reconnects. Any suggestion for obtaining my IP address remotely?
>
> Thanks
>
> Steve Godfrey
> WAN Team
>
>
****************************************************************************
****************
> E mail Disclaimer
>
> You agree that you have read and understood this disclaimer and you agree
to be bound by its terms.
>
> The information contained in this e-mail and any files transmitted with
> it (if any) are confidential and intended for the addressee only. If you
have
> received this e-mail in error please notify the originator or telephone
> 0191 210 2060 or e-mail [EMAIL PROTECTED]
>
> This e-mail and any attachments have been scanned for certain
> viruses prior to sending but neither Northern Electric plc nor any of the
companies in the Northern Electric group of companies from whom this e-mail
originates shall be liable for any losses as a result of any viruses being
passed on.
>
> No warranty of any kind is given in respect of any information contained
in this e-mail and you should be aware that that it might be incomplete, out
of date or incorrect. It is therefore essential that you verify all such
information with us before placing any reliance upon it.
>
> Northern Electric plc
> Carliol House
> Market Street
> Newcastle-upon-Tyne
> NE1 6NE
> Registered in England and Wales: Number 2366942
>
>
****************************************************************************
****************
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:16:10 +0100
> From: "Steve Godfrey" <[EMAIL PROTECTED]>
> Subject: RE: Obtaining IP address over internet
>
> My typo or obtaining an IP address?!? I hoped no-one would notice that
one
> :-(
>
> >>> [EMAIL PROTECTED] 05/17/01 10:01am >>>
> Isn't that illegal ?
>
> Simon Howlett
> NT Server Team
>
> -----Original Message-----
> From: Steve Godfrey [mailto:[EMAIL PROTECTED]]
> Sent: 17 May 2001 07:44
> To: [EMAIL PROTECTED]
> Subject: Obtaining IP address over internet
>
> I wank to VNC to my home PC from work over the internet, My dial-up modem
> connection is occasionally dropped and the IP address will change every
time
> the PC reconnects. Any suggestion for obtaining my IP address remotely?
>
> Thanks
>
> Steve Godfrey
> WAN Team
>
>
****************************************************************************
*
> ***************
> E mail Disclaimer
>
> You agree that you have read and understood this disclaimer and you agree
to
> be bound by its terms.
>
> The information contained in this e-mail and any files transmitted with
> it (if any) are confidential and intended for the addressee only. If you
> have
> received this e-mail in error please notify the originator or telephone
> 0191 210 2060 or e-mail [EMAIL PROTECTED]
>
> This e-mail and any attachments have been scanned for certain
> viruses prior to sending but neither Northern Electric plc nor any of the
> companies in the Northern Electric group of companies from whom this
e-mail
> originates shall be liable for any losses as a result of any viruses being
> passed on.
>
> No warranty of any kind is given in respect of any information contained
in
> this e-mail and you should be aware that that it might be incomplete, out
of
> date or incorrect. It is therefore essential that you verify all such
> information with us before placing any reliance upon it.
>
> Northern Electric plc
> Carliol House
> Market Street
> Newcastle-upon-Tyne
> NE1 6NE
> Registered in England and Wales: Number 2366942
>
>
****************************************************************************
*
> ***************
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Thu, 17 May 2001 10:18:59 +0200
> From: "Gustafsson, Bjorn" <[EMAIL PROTECTED]>
> Subject: RE: Obtaining IP address over internet
>
> Huh?
> How on earth could that be illegal?
>
> Okay, the quick solution:
> Obtain one of those free subdomains (like cjb.net and the likes of it).
You
> could then VNC to that address and wouldn't have to worry about the ip. Of
> course you would need a client that refreshes the domain IP every now and
> then.
>
> Can't say if it works though, never attemped the likes of it (no free
local
> calls in sweden), but there shouldn't be any problems with it. I however
> doubt that your system/network adminstrator would like you VNCing from
work
> to your home machine :)
>
> /Bjorn, who will attempt the same thing once he can get his hands on a
> broadband/DSL connection :)
>
> > -----Original Message-----
> > From: Howlett, Simon (NESL-IT)
> > [mailto:[EMAIL PROTECTED]]
> > Sent: den 17 maj 2001 11:01
> > To: [EMAIL PROTECTED]
> > Subject: RE: Obtaining IP address over internet
> >
> >
> > Isn't that illegal ?
> >
> > Simon Howlett
> > NT Server Team
> >
> >
> > -----Original Message-----
> > From: Steve Godfrey [mailto:[EMAIL PROTECTED]]
> > Sent: 17 May 2001 07:44
> > To: [EMAIL PROTECTED]
> > Subject: Obtaining IP address over internet
> >
> > I wank to VNC to my home PC from work over the internet, My
> > dial-up modem
> > connection is occasionally dropped and the IP address will
> > change every time
> > the PC reconnects. Any suggestion for obtaining my IP
> > address remotely?
> >
> > Thanks
> >
> >
> > Steve Godfrey
> > WAN Team
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
> > **************************************************************
> > ******************************
> > E mail Disclaimer
> >
> > You agree that you have read and understood this disclaimer
> > and you agree to be bound by its terms.
> >
> > The information contained in this e-mail and any files
> > transmitted with
> > it (if any) are confidential and intended for the addressee
> > only. If you have
> > received this e-mail in error please notify the originator or
> > telephone
> > 0191 210 2060 or e-mail [EMAIL PROTECTED]
> >
> > This e-mail and any attachments have been scanned for certain
> > viruses prior to sending but neither Northern Electric plc
> > nor any of the companies in the Northern Electric group of
> > companies from whom this e-mail originates shall be liable
> > for any losses as a result of any viruses being passed on.
> >
> > No warranty of any kind is given in respect of any
> > information contained in this e-mail and you should be aware
> > that that it might be incomplete, out of date or incorrect.
> > It is therefore essential that you verify all such
> > information with us before placing any reliance upon it.
> >
> > Northern Electric plc
> > Carliol House
> > Market Street
> > Newcastle-upon-Tyne
> > NE1 6NE
> > Registered in England and Wales: Number 2366942
> >
> >
> > **************************************************************
> > ******************************
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Wed, 16 May 2001 22:24:43 -0700
> From: Alex Perry <[EMAIL PROTECTED]>
> Subject: Argh! HowTo inetd ... script
>
> From: Alex
> > [demime 0.97b removed an attachment of type application/octet-stream
> > which had a name of DOVNC]
> From: "Seth Kneller" <[EMAIL PROTECTED]>
> Subject: RE: Argh! HowTo inetd ...
> > Nice Instructions, however, you should have pasted the script into the
> > body of the message.
> Sigh ... here it is.
>
> #! /bin/bash
> #
> # VNC spawning script
> # ===================
> # (c) Quantum Magnetics 2001, GPL
> #
> ##########################################################################
> #
> # Find out which session
>
> session=${1:-0}
>
> if test $session -lt 0
> then exit 1
> fi
>
> if test $session -gt 0
> then java="-httpd /usr/share/vncserver -httpport 580$session :$session"
> logfile=/var/log/vnc-$session.log
> else java="-inetd"
> logfile=/dev/null
> fi
>
> ##########################################################################
> #
> # Do something sensible with log files
>
> if test -f $logfile
> then if test -f $logfile.gz
> then rm -f $logfile.gz
> fi
> gzip $logfile
> fi
>
> ##########################################################################
> #
> # Find out which XDM to contact
>
> case "$session" in
> 2)
> target="-indirect xdmserver"
> ;;
> 1)
> target="-query appserver"
> ;;
> *)
> target="-query ${2:-localhost}"
> ;;
> esac
>
> ##########################################################################
> #
> # Actually start the server
>
> exec /usr/bin/X11/Xvnc $target $java \
> -geometry 800x600 -depth 16 -deferglyphs 16 -dpi 100 \
> -dontdisconnect -nevershared -once -terminate \
> 2> $logfile
>
> ------------------------------
>
> Date: Thu, 17 May 2001 11:56:21 +0200
> From: Clemens Resanka <[EMAIL PROTECTED]>
> Subject: asciicircum sent twice
>
> Hi all,
>
> I'm using the latest windows vncviewer to view a linux desktop (Xvnc)
> Everything works fine, except the asciicirum (^) key. When I press the
> ^ key it shows up twice (^^).
>
> Now the strange part:
> For testing I remap the keycode to x:
> xmodmap -e "keycode 23 = x"
>
> >From then on I get two capital Xs (XX), when I press the ^ key.
> Can anyone explain this?
>
> Since showkeys does not show anything with the -s flag, I conclude,
> that I do not get scancodes. So I guess the windows-client remaps the
> scancode to a keycode??
>
> I'm using a german keymap. vncclient says it's keyboard 00000407
> Can this problem be solved with the -keyboard option?
>
> So far..
>
> - Clemens -
>
> ------------------------------
>
> Date: Thu, 17 May 2001 13:11:38 +0200
> From: "oan" <[EMAIL PROTECTED]>
> Subject: AW: Obtaining IP address over internet
>
> Go to http://www.no-ip.com there you can register and they are exactly
your
> solution (dynamic ip address). You can then download their client and
he'll
> update you're ip automatically.
>
> oan
>
> - -----Ursprungliche Nachricht-----
> Von: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]Im Auftrag von Steve Godfrey
> Gesendet: Donnerstag, 17. Mai 2001 09:44
> An: [EMAIL PROTECTED]
> Betreff: Obtaining IP address over internet
>
> I wank to VNC to my home PC from work over the internet, My dial-up modem
> connection is occasionally dropped and the IP address will change every
time
> the PC reconnects. Any suggestion for obtaining my IP address remotely?
>
> Thanks
>
> Steve Godfrey
> WAN Team
>
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Thu, 17 May 2001 07:33:07 -0400
> From: "Jonathan D. Proulx" <[EMAIL PROTECTED]>
> Subject: Re: Obtaining IP address over internet
>
> On Thu, May 17, 2001 at 01:11:38PM +0200, oan wrote:
> :Go to http://www.no-ip.com there you can register and they are exactly
your
> :solution (dynamic ip address). You can then download their client and
he'll
> :update you're ip automatically.
>
> On a similar note, I use http://www.dhs.org for my home machine.
> Theye don't have theirown client, but there's several that user's have
> contributed.
>
> - -Jon
>
> ------------------------------
>
> Date: Thu, 17 May 2001 16:12:45 +0200
> From: "Ran Sasson" <[EMAIL PROTECTED]>
> Subject: Re: remotely installing VNC
>
> > For scripting it, I borrowed the password-encryption of the server code
> and
> > wrote a small command-line registry-setting program that will set a
> > password in the registry (regedit can't do the correct data types for a
> > .REG import), which is really handy.
>
> where can it be found ?
>
> ------------------------------
>
> Date: Thu, 17 May 2001 08:23:17 -0600
> From: "Roger Campbell" <[EMAIL PROTECTED]>
> Subject: RE: vnc without screen update
>
> We are building something similar for a training application. The clients
> (there will be many) are viewing the single server. So, we are changing
the
> server to update without the client update request message.
>
> Normally, the client runs a continuous loop that requests update,
processes
> update, then repeats. So, there are both client and server changes to
your
> request. The server needs to "push" updates without being requested and
the
> client needs to receive and process them without sending a request. Our
> solution involves making the server update by assuming a full update was
> requested and then just having clients process the update as they receive
> them.
>
> Roger Campbell
>
> - -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of minou@ife
> Sent: Wednesday, May 16, 2001 10:08 AM
> To: [EMAIL PROTECTED]
> Subject: vnc without screen update
>
> Hello
>
> At our institute we are interested in a version of vnc which does NOT
update
> the screen on the client side.
> This because we have different machines sharing the same screen. As there
> are no switchboxes for unix
> and window keyboards we use VNC to share mouse and keyboard.
>
> Hence we looked in the source files of WinServer and Unix/Linux-Clients.
> Here we need some help.
> Who can advice us, which part to change to disable the screen update.
Where
> would be the right
> address to get some assistance?
>
> Actually we are trying to figure out if we better change the WinServer of
> the UnixClient. Is it right, that
> the client triggers the screen update, so we could stop the triggering, or
> does the server automatically
> send screen update upon reception of keystrokes and mouse movements?
>
> (of course we disabled all polling and use 8bit colors only)
>
> Help would be very appreciated!
>
> thank you
>
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:18:33 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: Re: Obtaining IP address over internet
>
> Steve,
>
> >I wank to VNC to my home PC from work over the internet, My dial-up
modem
> >connection is occasionally dropped and the IP address will change every
time
> >the PC reconnects. Any suggestion for obtaining my IP address remotely?
>
> Personally, I use the Tzolkin "dynamic DNS" service (http://www.tzo.com).
> The client came free with my Ugate-3000 broadband gateway, and the service
> is free for 1 year.
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:27:46 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: Re: remotely installing VNC
>
> > > For scripting it, I borrowed the password-encryption of the server
code and
> > > wrote a small command-line registry-setting program that will set a
> > > password in the registry (regedit can't do the correct data types for
a
> > > .REG import), which is really handy.
> >
> >where can it be found ?
>
> Having written it for personal consumption (I didn't even know this list
> existed at the time, or I'd have asked if anyone already had something
that
> did the same thing!), I haven't made it publicly available.
>
> I'll email it to you directly, under separate cover.
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 10:22:55 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: VNC vs Tridia
>
> Okay, I've seen many references to the two suites, but I'm looking for
> something more conclusive.
>
> I see that Tridia has more encoding options (adding compression), but AT&T
> VNC is ported to more platforms. Fine. But as my primary use is 100%
> "wintel" << yeah, yeah, *nix is much better, but I'm a corporate IT guy
> that has to support an infrastructure of wintel boxes---cut me some slack,
> OK ;-) >> and both suites exist for that platform, I'd *really* like to
> know why some of you have mixed installations. Basically, if you're using
> Tridia to get better WAN/dialup inet performance, why keep AT&T VNC around
> for the LAN side? What's to be gained by a mixed VNC infrastructure?
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 10:26:17 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: omnithread_rt.dll
>
> I've been successful running WinVNC and omnithread_rt.dll in the same
> directory, rather than copying the DLL to %winroot%\system or
> %winroot%\system32.
>
> Is there a good reason why the installer still insists on putting the DLL
> in the system directory?
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 11:19:16 -0400
> From: Joe Campbell <[EMAIL PROTECTED]>
> Subject: RE: HELP me please, vnc on windows nt but the users always close
the vnc client
>
> Dan,
>
> I'm looking for a way to run VNC in stealth mode so it doesn't appear on
the
> SysTray.
> I'd rather not turn off the entire system tray. Is that possible?
> We are in an all Windows environment (win 95 clients and Win NT servers)
>
> Joe Campbell
> Express-1, Inc.
> Buchanan, Michigan 49107
> [EMAIL PROTECTED]
>
> - -----Original Message-----
> From: Dan Frantz [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 16, 2001 3:06 PM
> To: [EMAIL PROTECTED]
> Subject: RE: HELP me please, vnc on windows nt but the users always
> close the vnc client
>
> Hey, what I did was a little in depth, but then again, I kind of
taylor-fit
> VNC to my needs. I work for a call center, and the supervisors wanted
visual
> monitoring capabilities. I proposed VNC, and they loved it. It had 3
> problems though:
> 1) no simple way to disable password checking (without a dialog box
warning
> msg)
> 2) Users could exit VNC and/or kill all connected clients, mess
> w/properties, etc
> 3) tray icon changed colours when people connected.
>
> It was a bit tricky, but I got all three "problems" fixed.
>
> 1) Set "AuthRequired" to 0 so no password was necessary
>
> 2) A little more difficult, but I had first set it so no one could change
> properties, then I made some registry changes using "AllowProperties" and
> "AllowShutdown". Then I wised up, and discovered I can set it for certain
> users to have access to shutting down and changing properties by
specifying
> them in the [HKEY_LOCAL_MACHINE\SOFTWARE\ORL\WinVNC3\<username>] key. (I
set
> the whole IT dept up to be able to shutdown/change properties)
>
> 3) a bit more involved, but while editing the source so the silly
"warning,
> password blank, blah blah blah" warning dialog box didn't pop-up (it's
> nested in an "if,then,else" statement...just remove the "else" part and it
> compiles fine)I also changed the tray icon to be white at all times
> (replaced the black/green icon with a copy of the normal icon)
>
> Yeah, a bit more difficult and drawn out then what Jason Powell suggested,
> but I wanted to keep the tray icon so I could quickly see who had VNC and
> who did not :) If you want a copy of the regkeys I used, email me back
>
> __________________________________
> Dan Frantz, CNA
>
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Thu, 17 May 2001 17:38:36 +0200
> From: "Nicolas Sciboz" <[EMAIL PROTECTED]>
> Subject: Vnc server on Unix
>
> Hi !
> Sorry for my english, i' m swiss-french !
> I' ve a question, i start vncserver .... ok !
> i start vncviewer for windows, and i see only the terminal and not my
> x-windows ?
>
> Have you a idea for me ?
>
> Thanks, Nicolas Sciboz
>
> ------------------------------
>
> Date: Thu, 17 May 2001 11:14:38 -0400
> From: Grant McDorman <[EMAIL PROTECTED]>
> Subject: Re: vnc without screen update
>
> Look for x2vnc. It's fairly old, but it works fine. I am using it right
now
> to use the same (Unix) keyboard for a Solaris system and a Windows NT
system
> sitting on my desktop.
>
> According to minou@ife:
> > Hello
> >
> > At our institute we are interested in a version of vnc which does NOT
> update
> > the screen on the client side.
> > This because we have different machines sharing the same screen. As
there
> > are no switchboxes for unix
> > and window keyboards we use VNC to share mouse and keyboard.
> >
> > Hence we looked in the source files of WinServer and Unix/Linux-Clients.
> > Here we need some help.
> > Who can advice us, which part to change to disable the screen update.
Where
> > would be the right
> > address to get some assistance?
> >
> > Actually we are trying to figure out if we better change the WinServer
of
> > the UnixClient. Is it right, that
> > the client triggers the screen update, so we could stop the triggering,
or
> > does the server automatically
> > send screen update upon reception of keystrokes and mouse movements?
> >
> > (of course we disabled all polling and use 8bit colors only)
> >
> >
> > Help would be very appreciated!
> >
> >
> > thank you
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
>
> - --
>
> Grant McDorman <[EMAIL PROTECTED]>, Sr. Software Design Consultant
> Cedara Software Corp. <URL:http://www.cedara.com>
> (formerly I.S.G. Technologies Inc.)
> Mississauga, Ontario, Canada
>
> [demime 0.97b removed an attachment of type application/pgp-signature]
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:38:58 -0700
> From: "Michael F. March" <[EMAIL PROTECTED]>
> Subject: Re: VNC vs Tridia
>
> I use them both and since they interoperate very well, it does
> not seem to be a pain to have them both around.
>
> On my Windows box, for instance, both versions of the client
> share most of the same config and register settings so I can
> pop back and forth between both versions with little hassle.
>
> > Okay, I've seen many references to the two suites, but I'm looking for
> > something more conclusive.
> >
> > I see that Tridia has more encoding options (adding compression), but
AT&T
> > VNC is ported to more platforms. Fine. But as my primary use is 100%
> > "wintel" << yeah, yeah, *nix is much better, but I'm a corporate IT guy
> > that has to support an infrastructure of wintel boxes---cut me some
slack,
> > OK ;-) >> and both suites exist for that platform, I'd *really* like to
> > know why some of you have mixed installations. Basically, if you're
using
> > Tridia to get better WAN/dialup inet performance, why keep AT&T VNC
around
> > for the LAN side? What's to be gained by a mixed VNC infrastructure?
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:49:48 -0700 (PDT)
> From: "Scott C. Best" <[EMAIL PROTECTED]>
> Subject: re: nmap to port 6001 kills vnc session...
>
> Mike:
> Hello! I'm sorry that my suggestions don't sound
> appealing to you. It sounds like you found a potential
> weakness in a VNC system, but are dis-inclined to gather
> more data about the particulars. My experience with open
> source projects over the years is that the person who calls
> in the fire is often expected to help aim the hose. :)
> Regarding those real-world nmap scans, and those
> port-53 DNS scans (the Lion worm, was it?) that securityfocus.com
> reported as originating in China somewhere...there is, from
> my POV, a big difference. Certainly, I didn't mean to imply
> that either of them is unimportant and shouldn't be worried
> about. However, it is important IMO to distinguish between
> the relative threat level, and that does include taking
> stock of the frequency of occurrence.
> Like you, I get keyhole scanned several times a day,
> people looking for Sub-7 or RPC or whatever. In fact, my own
> ISP scans me for running an NNTP server at least once a day. :)
> Yet...I don't think I've ever been nmap'd into a denial of
> service. Though there was that time when I unleased a Nessus
> scan on my firewall from www.vulnerabilities.org, just to see
> what'd happen. Ug.
>
> Which gets to your original question: no, until your
> post, I've never heard that Xvnc can be DoS'd with an nmap
> scan. I'd be very much interested, as you would be, if that
> could be confirmed. I don't run Xvnc here, so all the help
> I can offer has been.
> Good luck!
>
> cheers,
> Scott
>
> On Thu, 17 May 2001, Mike Miller wrote:
>
> > On Wed, 16 May 2001, Scott C. Best wrote:
> >
> > > > If I run nmap on another machine as follows:
> > > >
> > > > nmap -p 6001 host.machine
> > >
> > > Instead of running nmap on all those ports (the -p <number>,
> > > without the number, scans all the low numbered ports <1024, plus any
> > > that come with the nmap config files) have you tried just running it
> > > against the 5801/5901 ports? That'd be interesting to see if it
> > > crashed your Xvnc again.
> >
> > I haven't tried it, but I don't like to crash it. Maybe someone else
can
> > try it.
> >
> >
> > > > This is a very serious problem because it means that a port scan
will
> > > > kill my VNC session. This has happened to me more than once, but I
> > > > didn't realize it until I scanned myself. It means that anyone in
the
> > > > world can block my use of VNC.
> > > >
> > > > If there is some way I can protect myself, please let me know.
> > >
> > > Actually, in my experience, an nmap scan like this is rather
> > > unlikely in the "real world".
> >
> > Like you, I'm in the "real world." It happens sometimes. If by
> > 'unlikely' you mean that it doesn't happen often, I agree. If you mean
> > "unlikely to happen ever," then I disagree. Lately I've been getting
> > scans like this from China. As you suggested, they are not subtle. I
> > monitor several machines, so almost nothing seems subtle to me. The
fact
> > that their activities are obvious doesn't seem to worry most of these
> > attackers.
> >
> > Yes, I could put up a firewall.
> >
> > This brings me to my original question: Is port 60xx DoS attack a known
> > VNC problem?
> >
> > (I'm not criticizing VNC.)
> >
> > Mike
>
> ------------------------------
>
> Date: Thu, 17 May 2001 19:07:22 +0200
> From: Jan Bletz <[EMAIL PROTECTED]>
> Subject: Connecting to my (small) office network (ADSL problem?)
>
> VNC is a great programme!
>
> But: how can I connect to my office network? I have 3 computers,
> permanently connected with ethernetcards and to the internet (an ADSL
> connected). According to WIN VNC, my IP-address is 10.0.0.10,
> 194.109.244.216, 1.0.0.1 (the first computer in the network, that is). I
am
> not able to connect, for some reason. (I can reach the computer when it is
> directly connected to the internet by modem).
>
> I looked through the mailing list archives, but didn't find an answer. (Or
> maybe I did, but didn't understand!) Maybe someone can help? Or do you
know
> of a programme I should use instead?
>
> jan
>
> - ----------
> "Half of what I say is meaningless, but I say it just to reach you..."
>
> Werk:
> Jan Bletz Teksten & Onderzoek/Info Pro
> Vossiusstraat 50, 1071 AK Amsterdam
> Tel: 020-4707444/0653-213324
> Fax: 020-4707445
> E-mail: [EMAIL PROTECTED]
>
> Privi:
> Zeeburgerkade 764, 1019 HT Amsterdam
> Tel: 020-6635844
> Fax: 020-4707445
> E-mail: [EMAIL PROTECTED]
>
> Info Pro: www.xs4all.nl/~jan, eYe: www.eyesite.nl, PartInvest:
> www.partinvest.nl, Freeler: www.freeler.nl
>
> Afspraak maken? Zie http://calendar.yahoo.com/public/janbletz voor mijn
> planning.
> Want to make an appointment? See http://calendar.yahoo.com/public/janbletz
> for my schedule.
>
> ------------------------------
>
> Date: Thu, 17 May 2001 12:17:41 -0500
> From: "Mac Reiter" <[EMAIL PROTECTED]>
> Subject: Re: VNC vs Tridia
>
> >> I see that Tridia has more encoding options (adding compression), but
AT&T
> >> VNC is ported to more platforms. Fine. But as my primary use is 100%
> >> "wintel" << yeah, yeah, *nix is much better, but I'm a corporate IT guy
> >> that has to support an infrastructure of wintel boxes---cut me some
slack,
> >> OK ;-) >> and both suites exist for that platform, I'd *really* like to
> >> know why some of you have mixed installations. Basically, if you're
using
> >> Tridia to get better WAN/dialup inet performance, why keep AT&T VNC
around
> >> for the LAN side? What's to be gained by a mixed VNC infrastructure?
>
> Handy to have Tridia Server installed so that external/slow access can use
> the Tridia Client and get compression. Internal/fast access users will
> probably prefer the floppy-sized AT&T installer (or, even better, simply
> copying the ~115KB viewer executable) over the 5-6MB Tridia installer
> (which also installs a Java runtime just to execute its install script,
and
> leaves it around so that it can execute its uninstall script later).
> Technically, if you only want the viewer, the Tridia Client can also be
> "installed" by simply copying the executable, but some people prefer to
> have a "real" install program...
>
> That's about the only thing I can think of.
> Mac
> _____________________________ /"\
> Mac Reiter \ / ASCII Ribbon Campaign
> Nomadics, Inc. X Against HTML Mail
> [EMAIL PROTECTED] / \ (To join the campaign, simply use
> this in your signature.)
>
> ------------------------------
>
> Date: Thu, 17 May 2001 12:26:14 -0500 (CDT)
> From: Mike Miller <[EMAIL PROTECTED]>
> Subject: re: nmap to port 6001 kills vnc session...
>
> On Thu, 17 May 2001, Scott C. Best wrote:
>
> > Hello! I'm sorry that my suggestions don't sound appealing to
> > you. It sounds like you found a potential weakness in a VNC system,
> > but are dis-inclined to gather more data about the particulars. My
> > experience with open source projects over the years is that the person
> > who calls in the fire is often expected to help aim the hose. :)
>
> I'm sorry that I seemed ungrateful. I was hoping for one of the
> developers to respond. Thanks for getting back to me.
>
> So I did what you wanted and tried nmap to 5801 and to 5901. Neither had
> any effect on the operation of Xvnc. It's only 6001.
>
> Now what I really mean is that VNC running on display :1 is destroyed when
> I nmap port 6001, but VNC for display :7 is destroyed if I nmap port 6007.
> What I mean by 'destroyed' is that if vncviewer was showing that display,
> it immediately stops taking input, and if vncviewer wasn't up, it can no
> longer connect to the server at all (for that display).
>
> > Like you, I get keyhole scanned several times a day, people
> > looking for Sub-7 or RPC or whatever. In fact, my own ISP scans me for
> > running an NNTP server at least once a day. :) Yet...I don't think
> > I've ever been nmap'd into a denial of service.
>
> I have. From China about two weeks ago. They sent 30,214 packets.
> (Maybe they checked that many ports, but my iplog doesn't keep track of
> all of it.) As you said, it was not subtle. See appended info. They
> managed to crack into my machine, but in a fairly lame way (as daemon but
> not as root), so I got rid of them easily.
>
> > Which gets to your original question: no, until your post, I've
> > never heard that Xvnc can be DoS'd with an nmap scan. I'd be very much
> > interested, as you would be, if that could be confirmed. I don't run
> > Xvnc here, so all the help I can offer has been.
>
> Thanks.
>
> Mike
>
> May 5 10:15:59 ICMP: echo from 202.103.98.115 (16 bytes)
> May 5 10:15:59 TCP: tcpmux connection attempt from 202.103.98.115:4104
> May 5 10:15:59 TCP: port 2 connection attempt from 202.103.98.115:4105
> May 5 10:15:59 TCP: port 3 connection attempt from 202.103.98.115:4106
> May 5 10:15:59 TCP: port 4 connection attempt from 202.103.98.115:4107
> May 5 10:15:59 TCP: port 5 connection attempt from 202.103.98.115:4108
> May 5 10:15:59 TCP: port 6 connection attempt from 202.103.98.115:4109
> May 5 10:15:59 TCP: port 8 connection attempt from 202.103.98.115:4111
> May 5 10:15:59 TCP: port 10 connection attempt from 202.103.98.115:4113
> May 5 10:15:59 TCP: systat connection attempt from 202.103.98.115:4114
> May 5 10:15:59 TCP: port 12 connection attempt from 202.103.98.115:4115
> May 5 10:15:59 TCP: port 14 connection attempt from 202.103.98.115:4117
> May 5 10:15:59 TCP: netstat connection attempt from 202.103.98.115:4118
> May 5 10:15:59 TCP: port 16 connection attempt from 202.103.98.115:4119
> May 5 10:15:59 TCP: port 18 connection attempt from 202.103.98.115:4121
> May 5 10:15:59 TCP: port scan detected from 202.103.98.115
> May 5 10:36:29 TCP: port scan mode expired for 202.103.98.115 - received
a total of 30214 packets (845992 bytes).
>
> ------------------------------
>
> Date: Thu, 17 May 2001 12:36:12 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> Jan,
>
> >But: how can I connect to my office network? I have 3 computers,
> >permanently connected with ethernetcards and to the internet (an ADSL
> >connected). According to WIN VNC, my IP-address is 10.0.0.10,
> >194.109.244.216, 1.0.0.1 (the first computer in the network, that is). I
am
> >not able to connect, for some reason. (I can reach the computer when it
is
> >directly connected to the internet by modem).
>
> it's not clear how your office network is addressed, nor the connection or
> route between client and server machines (the 10.x.x.x address isn't
> publicly routed, and the 1.x.x.x isn't likely a legal one either).
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 20:10:58 +0200
> From: Jan Bletz <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> Thank you!
>
> But how do you find out what the right address is?!? According to my
> provider, it is 194.109.244.216. But if I enter this address, VNC doesn't
> find it.
>
> That's progress for you!
>
> jan
>
> At 12:36 PM 5/17/2001 -0500, you wrote:
> >Jan,
> >
> >>But: how can I connect to my office network? I have 3 computers,
> >>permanently connected with ethernetcards and to the internet (an ADSL
> >>connected). According to WIN VNC, my IP-address is 10.0.0.10,
> >>194.109.244.216, 1.0.0.1 (the first computer in the network, that is). I
am
> >>not able to connect, for some reason. (I can reach the computer when it
is
> >>directly connected to the internet by modem).
> >
> >it's not clear how your office network is addressed, nor the connection
or
> >route between client and server machines (the 10.x.x.x address isn't
> >publicly routed, and the 1.x.x.x isn't likely a legal one either).
> >--
> >Jim Millard
> >Kansas City, MO USA
> >http://www.millard.org/
> >---------------------------------------------------------------------
> >To unsubscribe, send a message with the line: unsubscribe vnc-list
> >to [EMAIL PROTECTED]
> >See also: http://www.uk.research.att.com/vnc/intouch.html
> >---------------------------------------------------------------------
>
> - ----------
> "Half of what I say is meaningless, but I say it just to reach you..."
>
> Werk:
> Jan Bletz Teksten & Onderzoek/Info Pro
> Vossiusstraat 50, 1071 AK Amsterdam
> Tel: 020-4707444/0653-213324
> Fax: 020-4707445
> E-mail: [EMAIL PROTECTED]
>
> Privi:
> Zeeburgerkade 764, 1019 HT Amsterdam
> Tel: 020-6635844
> Fax: 020-4707445
> E-mail: [EMAIL PROTECTED]
>
> Info Pro: www.xs4all.nl/~jan, eYe: www.eyesite.nl, PartInvest:
> www.partinvest.nl, Freeler: www.freeler.nl
>
> Afspraak maken? Zie http://calendar.yahoo.com/public/janbletz voor mijn
> planning.
> Want to make an appointment? See http://calendar.yahoo.com/public/janbletz
> for my schedule.
>
> ------------------------------
>
> Date: Thu, 17 May 2001 13:35:11 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> Jan,
>
> >But how do you find out what the right address is?!? According to my
> >provider, it is 194.109.244.216. But if I enter this address, VNC doesn't
> >find it.
> >
> >That's progress for you!
>
> Which machine/device/host has the 194.109.x.x address? If your provider is
> giving it to you, then that's ONE address, although you mention 3 boxes in
> your first post. Is that address assigned to a broadband router, or your
> own machine (with a DSL "modem")? What's the IP of the other machines you
> mention? Are either one a machine you want to run the client from, or is
> there a 4th machine in the mix?
>
> Before you worry about getting VNC to connect, you need to make sure that
> the machines in question can route to each other: can you ping from one to
> the other (and vice-versa)? Are there any firewalls or NAT/NPT'ing
gateways
> that're filtering inbound traffic?
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 13:33:27 -0500
> From: Michael Procter <[EMAIL PROTECTED]>
> Subject: Re: nmap to port 6001 kills vnc session...
>
> Mike Miller wrote:
>
> > On Wed, 16 May 2001, Scott C. Best wrote:
> >
> > > > If I run nmap on another machine as follows:
> > > >
> > > > nmap -p 6001 host.machine
> > >
> > > Instead of running nmap on all those ports (the -p <number>,
> > > without the number, scans all the low numbered ports <1024, plus any
> > > that come with the nmap config files) have you tried just running it
> > > against the 5801/5901 ports? That'd be interesting to see if it
> > > crashed your Xvnc again.
> >
> > I haven't tried it, but I don't like to crash it. Maybe someone else
can
> > try it.
> >
>
> Mike, I did against a couple of my Linux boxes and had no problems,
whether
> the viewer was open or not.
>
> >
> > This brings me to my original question: Is port 60xx DoS attack a known
> > VNC problem?
> >
> > (I'm not criticizing VNC.)
> >
>
> Really, I've nmapped machines running vnc all the time -- that's how I
> noticed I was running one I didn't aim to be running the other day. I've
> never seen one crash due to the nmap. RPM tells me I have vnc-3.3.3r2-4
for
> what it's worth.
>
> Michael Procter
> [EMAIL PROTECTED]
>
> ------------------------------
>
> Date: Thu, 17 May 2001 14:40:37 -0700
> From: "Lee Allen" <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> > But how do you find out what the right address is?!? According to my
> > provider, it is 194.109.244.216. But if I enter this address, VNC
doesn't
> > find it.
>
> If you have DSL, there is a very good chance you have a DSL
modem/firewall.
> And this device is probably performing NAT: Network Address translation.
If
> that's the case, two things have to be done:
> 1) you have to know the real, public IP address of your network (that may
> be the 194.x.x.x address)
> 2) your DSL modem/firewall must recognize the incoming VNC connections and
> redirect them to the internal IP addresses.
>
> I think the first step is to go to your ISP and ask them your public IP
> address(es), and whether you have NAT, and if so, whether your firewall
can
> be configured to redirect (aka port forwarding).
>
> Quick explanation of NAT:
> your PCs each have a unique IP address, often in the 192.168.0.x range
(but
> in your case probly the 10.0.0.x range)
> your DSL router has two sides: a public (external) side and a private
> (internal) side
> on the public side it has a real public Internet IP address
> on the private side it has a private ('fake') IP address in the same range
> as your PCs (maybe 10.0.0.1)
> for every packet going through the firewall, the firewall converts the IP
> addresses public <--> private
> this provides 2 benefits:
> - - even though you have 3 PCs your ISP only utilizes 1 IP address (and
they
> are becoming scarce)
> - - protection from crackers
>
> Think of this like an office phone system. You could have 100 different
> internal numbers (extensions) but only 1 phone line.
>
> - -Lee Allen
>
> > At 12:36 PM 5/17/2001 -0500, you wrote:
> > >Jan,
> > >
> > >>But: how can I connect to my office network? I have 3 computers,
> > >>permanently connected with ethernetcards and to the internet (an ADSL
> > >>connected). According to WIN VNC, my IP-address is 10.0.0.10,
> > >>194.109.244.216, 1.0.0.1 (the first computer in the network, that is).
I
> am
> > >>not able to connect, for some reason. (I can reach the computer when
it
> is
> > >>directly connected to the internet by modem).
> > >
> > >it's not clear how your office network is addressed, nor the connection
> or
> > >route between client and server machines (the 10.x.x.x address isn't
> > >publicly routed, and the 1.x.x.x isn't likely a legal one either).
>
> ------------------------------
>
> Date: Thu, 17 May 2001 21:11:25 +0200
> From: Harmen van der Wal <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> Lee Allen wrote:
> >
> > > But how do you find out what the right address is?!? According to my
> > > provider, it is 194.109.244.216. But if I enter this address, VNC
doesn't
> > > find it.
> >
> > If you have DSL, there is a very good chance you have a DSL
modem/firewall.
> > And this device is probably performing NAT: Network Address translation.
If
> > that's the case, two things have to be done:
> > 1) you have to know the real, public IP address of your network (that
may
> > be the 194.x.x.x address)
> > 2) your DSL modem/firewall must recognize the incoming VNC connections
and
> > redirect them to the internal IP addresses.
> >
> > I think the first step is to go to your ISP and ask them your public IP
> > address(es), and whether you have NAT, and if so, whether your firewall
can
> > be configured to redirect (aka port forwarding).
> >
> > Quick explanation of NAT:
> > your PCs each have a unique IP address, often in the 192.168.0.x range
(but
> > in your case probly the 10.0.0.x range)
> > your DSL router has two sides: a public (external) side and a private
> > (internal) side
> > on the public side it has a real public Internet IP address
> > on the private side it has a private ('fake') IP address in the same
range
> > as your PCs (maybe 10.0.0.1)
> > for every packet going through the firewall, the firewall converts the
IP
> > addresses public <--> private
> > this provides 2 benefits:
> > - even though you have 3 PCs your ISP only utilizes 1 IP address (and
they
> > are becoming scarce)
> > - protection from crackers
> >
> > Think of this like an office phone system. You could have 100 different
> > internal numbers (extensions) but only 1 phone line.
> >
> > -Lee Allen
> >
> > > At 12:36 PM 5/17/2001 -0500, you wrote:
> > > >Jan,
> > > >
> > > >>But: how can I connect to my office network? I have 3 computers,
> > > >>permanently connected with ethernetcards and to the internet (an
ADSL
> > > >>connected). According to WIN VNC, my IP-address is 10.0.0.10,
> > > >>194.109.244.216, 1.0.0.1 (the first computer in the network, that
is). I
> > am
> > > >>not able to connect, for some reason. (I can reach the computer when
it
> > is
> > > >>directly connected to the internet by modem).
> > > >
> > > >it's not clear how your office network is addressed, nor the
connection
> > or
> > > >route between client and server machines (the 10.x.x.x address isn't
> > > >publicly routed, and the 1.x.x.x isn't likely a legal one either).
>
> Just guessing...
>
> - ---------|----------------------|---------------ppp0
> 10.0.0.138 10.0.0.xxx 194.109.244.216
> adsl modem eth0
>
> 192.1.0.xxx (LAN)
> eth1
>
> Ok, I'm not that smart: this is what I have.
>
> An account with 4 (routable) IP adresses is also possible (adsl fast
> old? style).
>
> Jan, I think you should bind WinVNC to the dial-up interface.
>
> - --
> Harmen
> http://www1.tip.nl/~t515027/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 14:28:22 -0500 (CDT)
> From: Mike Miller <[EMAIL PROTECTED]>
> Subject: Re: nmap to port 6001 kills vnc session...
>
> On Thu, 17 May 2001, Michael Procter wrote:
>
> > Mike, I did against a couple of my Linux boxes and had no problems,
> > whether the viewer was open or not.
>
> Thanks. I tried a different Sun and it did *not* crash. That Sun is
> running Solaris 2.5.1 while the others were running Solaris 2.6. All
> machines are running Xvnc v3.3.3, so I guess it's a problem with Solaris
> 2.6, unless it's a difference in something that was used to compile Xvnc.
> I think I compiled all of the Xvncs myself.
>
> > Really, I've nmapped machines running vnc all the time -- that's how I
> > noticed I was running one I didn't aim to be running the other day.
> > I've never seen one crash due to the nmap. RPM tells me I have
> > vnc-3.3.3r2-4 for what it's worth.
>
> Thanks. I guess it's a Solaris 2.6 problem. I'll let you all know if I
> ever figure out more than that.
>
> Regards,
>
> Mike
>
> ------------------------------
>
> Date: Thu, 17 May 2001 21:29:18 +0200
> From: Harmen van der Wal <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> Harmen van der Wal wrote:
> >
> > Jan, I think you should bind WinVNC to the dial-up interface.
> >
>
> Sorry, that is probably incorrect. Please ignore.
>
> - --
> Harmen
> http://www1.tip.nl/~t515027/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 15:47:30 -0400
> From: "William Arbuckle" <[EMAIL PROTECTED]>
> Subject: RE: HELP me please, vnc on windows nt but the users always close
the vnc client
>
> TridaVNC does this......................
>
> FYI
> William
>
> ------------------------------
>
> Date: Thu, 17 May 2001 16:47:00 -0400
> From: Grant McDorman <[EMAIL PROTECTED]>
> Subject: Re: nmap to port 6001 kills vnc session...
>
> 600x is the X server port. It has known vunerabilities (XFree86, for
example
> had a simple one-packet DoS attack on its port; this is probably still
> present in Xvnc, since it's based on XFree86).
>
> The X security is not very strong, either; what's more, people often turn
it
> off (the command 'xhost +').
>
> Unless you are sending X traffic through the Internet, I would suggest
that
> you do not open those ports through your firewall. You certainly don't
need
> them open if you're using only a VNC viewer remotely.
>
> According to Mike Miller:
> > On Thu, 17 May 2001, Scott C. Best wrote:
> >
> > > Hello! I'm sorry that my suggestions don't sound appealing to
> > > you. It sounds like you found a potential weakness in a VNC system,
> > > but are dis-inclined to gather more data about the particulars. My
> > > experience with open source projects over the years is that the person
> > > who calls in the fire is often expected to help aim the hose. :)
> >
> > I'm sorry that I seemed ungrateful. I was hoping for one of the
> > developers to respond. Thanks for getting back to me.
> >
> > So I did what you wanted and tried nmap to 5801 and to 5901. Neither
had
> > any effect on the operation of Xvnc. It's only 6001.
> >
> > Now what I really mean is that VNC running on display :1 is destroyed
when
> > I nmap port 6001, but VNC for display :7 is destroyed if I nmap port
6007.
> > What I mean by 'destroyed' is that if vncviewer was showing that
display,
> > it immediately stops taking input, and if vncviewer wasn't up, it can no
> > longer connect to the server at all (for that display).
> >
> >
> > > Like you, I get keyhole scanned several times a day, people
> > > looking for Sub-7 or RPC or whatever. In fact, my own ISP scans me for
> > > running an NNTP server at least once a day. :) Yet...I don't think
> > > I've ever been nmap'd into a denial of service.
> >
> > I have. From China about two weeks ago. They sent 30,214 packets.
> > (Maybe they checked that many ports, but my iplog doesn't keep track of
> > all of it.) As you said, it was not subtle. See appended info. They
> > managed to crack into my machine, but in a fairly lame way (as daemon
but
> > not as root), so I got rid of them easily.
> >
> >
> > > Which gets to your original question: no, until your post, I've
> > > never heard that Xvnc can be DoS'd with an nmap scan. I'd be very much
> > > interested, as you would be, if that could be confirmed. I don't run
> > > Xvnc here, so all the help I can offer has been.
> >
> > Thanks.
> >
> > Mike
> >
> >
> > May 5 10:15:59 ICMP: echo from 202.103.98.115 (16 bytes)
> > May 5 10:15:59 TCP: tcpmux connection attempt from 202.103.98.115:4104
> > May 5 10:15:59 TCP: port 2 connection attempt from 202.103.98.115:4105
> > May 5 10:15:59 TCP: port 3 connection attempt from 202.103.98.115:4106
> > May 5 10:15:59 TCP: port 4 connection attempt from 202.103.98.115:4107
> > May 5 10:15:59 TCP: port 5 connection attempt from 202.103.98.115:4108
> > May 5 10:15:59 TCP: port 6 connection attempt from 202.103.98.115:4109
> > May 5 10:15:59 TCP: port 8 connection attempt from 202.103.98.115:4111
> > May 5 10:15:59 TCP: port 10 connection attempt from 202.103.98.115:4113
> > May 5 10:15:59 TCP: systat connection attempt from 202.103.98.115:4114
> > May 5 10:15:59 TCP: port 12 connection attempt from 202.103.98.115:4115
> > May 5 10:15:59 TCP: port 14 connection attempt from 202.103.98.115:4117
> > May 5 10:15:59 TCP: netstat connection attempt from 202.103.98.115:4118
> > May 5 10:15:59 TCP: port 16 connection attempt from 202.103.98.115:4119
> > May 5 10:15:59 TCP: port 18 connection attempt from 202.103.98.115:4121
> > May 5 10:15:59 TCP: port scan detected from 202.103.98.115
> > May 5 10:36:29 TCP: port scan mode expired for 202.103.98.115 -
received a
> total of 30214 packets (845992 bytes).
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
>
> - --
>
> - -Grant "Kamisama" McDorman, Senor Software Design Tipster[1], Advanced
> AppleCations
>
> [1] Consultant: A tipster disguised as an oracle, especially one who
> has learned to decamp at high speed in spite of the
> large briefcase and heavy wallet.
> - Stan Kelly-Bootle, _The Devil's DP Dictionary_
>
> Fortune Cookie of the Moment:
> People will accept your ideas much more readily if you tell them that
> Benjamin Franklin said it first.
>
> [demime 0.97b removed an attachment of type application/pgp-signature]
>
> ------------------------------
>
> Date: Fri, 18 May 2001 00:04:56 +0200
> From: "Bo Berglund" <[EMAIL PROTECTED]>
> Subject: How to install VNC on remote machine
>
> I need to install a GUI interface to a W2000 Pro machine so I can
administrate
> it remotely.
> I think that VNC will be possible to use, since I cannot use Terminal
Server
> because the machine is a workstation and not a server.
> The problem I have is that it is 6000 miles away and I can only get to it
> through a VPN tunnel over the Internet. I have already installed Remote
> Console so I can get to a command prompt on that machine and I can map
drive
> letters to the admin shares C$ and D$.
> So basically I can do whatever is possible in the way of copying files and
> giving command line commands.
>
> But I cannot run an InstallShield setup.exe program to get the VNC server
> installed, because that is a GUI thing. Catch 22!
>
> So my question is:
> Is it possible to install the VNC server on that machine without
physically
> travelling overseas to its keyboard?
> If so, how is it accomplished??
>
> Obviously I am the admin of that machine.
>
> /Bo Berglund
>
> ------------------------------
>
> Date: Thu, 17 May 2001 15:32:40 -0700
> From: "Brian Street" <[EMAIL PROTECTED]>
> Subject: RedHat 7.0 and VNC
>
> Hello,
>
> The problems continue ...
>
> I've managed to get VNC running on Solaris 8 and RedHat 6.2 and still have
> Solaris 2.6 and RedHat 7.0.
>
> I haven't started the Solaris 2.6 yet, but the RedHat 7.0 machine is
giving
> me quite the fits.
>
> RedHat 7.0 is running xinetd and I converted my inetd.conf entry to the
> xinetd format with a script inetdconvert. I'm unable to resolve the
> "invalid protocol" error.
>
> I thought I saw a post about IPv6 causing this problem but am unable to
> locate it. Am I headed in the right direction?
>
> Thanks,
> Brian Street.
>
> ------------------------------
>
> Date: Thu, 17 May 2001 21:38:01 -0400
> From: "Rob Cornelius" <[EMAIL PROTECTED]>
> Subject: Re: Obtaining IP address over internet
>
> Try a free e-mailing client that can sent a e-mail message to you with
your
> ip address. you can have your pc create a text file with the ip address
by
> using the command /? at the end of the winipcfg or ipconfig command.
>
> Use the > symbol followed by the file name you want created:
>
> for example dir >c:\dir.txt will create the text file showing the
directory
> list
>
> Rob
>
> >From: "Steve Godfrey" <[EMAIL PROTECTED]>
> >Reply-To: [EMAIL PROTECTED]
> >To: <[EMAIL PROTECTED]>
> >Subject: Obtaining IP address over internet
> >Date: Thu, 17 May 2001 08:44:00 +0100
> >
> >I wank to VNC to my home PC from work over the internet, My dial-up
modem
> >connection is occasionally dropped and the IP address will change every
> >time
> >the PC reconnects. Any suggestion for obtaining my IP address remotely?
> >
> >Thanks
> >
> >
> >Steve Godfrey
> >WAN Team
> >---------------------------------------------------------------------
> >To unsubscribe, send a message with the line: unsubscribe vnc-list
> >to [EMAIL PROTECTED]
> >See also: http://www.uk.research.att.com/vnc/intouch.html
> >---------------------------------------------------------------------
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
> ------------------------------
>
> Date: Thu, 17 May 2001 21:24:15 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: Re: How to install VNC on remote machine
>
> >So my question is:
> >Is it possible to install the VNC server on that machine without
physically
> >travelling overseas to its keyboard?
> >If so, how is it accomplished??
>
> 1) install the package to your own local machine
> 2) start the WinVNC server with the password you want on the remote
machine
> 3) copy the contents of the local directory to the remote machine
> 4) copy %windir%\system32\omnithread_rt.dll to the remote machine
> 5) on the remote console, run "winvnc -install" (no quotes)
> 6) using regedt32, open the remote machine's registry and copy *exactly*
> the following registry entry from your box (you'll have to create some
keys):
> Key: HKLM\SOFTWARE\ORL\WinVNC3\Default
> Value: Password
> Type: BINARY
> Content: password hash from your machine
> 7) on the remote console, run 'net start "vnc server"'
>
> It should let you connect just fine. You'll end up with all the defaults
> because the only thing you "pre set" was the password, but once you're on
> it via GUI, you can further refine the settings using the GUI dialog box.
>
> >Obviously I am the admin of that machine.
> >
> >/Bo Berglund
> >---------------------------------------------------------------------
> >To unsubscribe, send a message with the line: unsubscribe vnc-list
> >to [EMAIL PROTECTED]
> >See also: http://www.uk.research.att.com/vnc/intouch.html
> >---------------------------------------------------------------------
>
> - --
> Jim Millard
> +--------------------------------------------------------------+
> Kansas City, MO http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 23:38:31 -0500 (CDT)
> From: Mike Miller <[EMAIL PROTECTED]>
> Subject: Re: Obtaining IP address over internet
>
> On Thu, 17 May 2001, Rob Cornelius wrote:
>
> > Try a free e-mailing client that can sent a e-mail message to you with
> > your ip address. you can have your pc create a text file with the ip
> > address by using the command /? at the end of the winipcfg or ipconfig
> > command.
> >
> > Use the > symbol followed by the file name you want created:
> >
> > for example dir >c:\dir.txt will create the text file showing the
> > directory list
>
> On Win98 (what I'm using), I'd have to use this command:
>
> winipcfg /Batch c:\dir.txt
>
> the /? is not supported, but with /Batch, no redirection is needed, it
> goes straight to the file. If no name is given, it goes to winipcfg.out
> in the default directory.
>
> Mike
>
> ------------------------------
>
> End of vnc-list-digest V1 #1136
> *******************************
>
> To stop receiving this digest, mail [EMAIL PROTECTED]
> with the line 'unsubscribe vnc-list-digest' in the message BODY
> See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
